Re: [nfsv4] Ben Campbell's No Objection on draft-ietf-nfsv4-multi-domain-fs-reqs-10: (with COMMENT)
Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com> Wed, 07 September 2016 14:46 UTC
Return-Path: <spencerdawkins.ietf@gmail.com>
X-Original-To: nfsv4@ietfa.amsl.com
Delivered-To: nfsv4@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 37FD412B024; Wed, 7 Sep 2016 07:46:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id StjdthlP72QV; Wed, 7 Sep 2016 07:46:30 -0700 (PDT)
Received: from mail-yw0-x234.google.com (mail-yw0-x234.google.com [IPv6:2607:f8b0:4002:c05::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 769A012B01A; Wed, 7 Sep 2016 07:46:30 -0700 (PDT)
Received: by mail-yw0-x234.google.com with SMTP id s85so10268794ywg.3; Wed, 07 Sep 2016 07:46:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=wsnRY86ZXC76swAHPgoU+98XcEqiMnDgiF+xWClCKYQ=; b=hTMSA/l4sERdf8oSgLBR4QcXSFXK9UAKHQACKYu8hfDEGkFYWhtI5m36AAbSFtXbSa s1naNIdn7geY1WDd6d6dz03tbYsdsW23+wj3mOCtAw0Mz39PcOmeYMOcsKEyO7b3QOaO h7rU9ZNXbyGh6DVXBCIipB6aowKgx9nNlguyozuF4s6NvkU5dxwt2mcmuH3UE3UNLqmU UdWiv3l+DDqOOLdGOiwxGBCzpkF8QIP1ZPMw3QVRuFEF79LVja7jq88jVYxPgdxTIgto Chb18tQsBiaYSD2Wr3xFUkAZtDq82cVjsj+2Kl75lfOVNXdImJuqF2n37yT3Orv5ODzU hQog==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=wsnRY86ZXC76swAHPgoU+98XcEqiMnDgiF+xWClCKYQ=; b=bqM2CnM2MET5YjoN7E9QvqvXPq2GwbWOwcqK2Tq1itbY5cYtxXa128futL68XOT1Qc l8YdiVMumC1X1+5PmIAN9+z/LEb2OGXCJFbVev/L64e8PxJ8jJ7aKlrGjvqwEcX5coDb ep8ryczViCv8EfwhN0XOjAamcw/H3qTNXH6+5V7YCv8etuX9NLvgJoSUa3+oVeH4G6c0 9AcIwbtcbFnujb4e7p1buTuOS3Riokai5UVO3GtE/UqLZhxre1OG5n56cWUYrrqA5tIA I1d/IUqHkD+/zijjdF/KFPny09ojmTNENemyAtOXbGrXhMtsoMyKB9T1JRnPHNKQipNh /j1A==
X-Gm-Message-State: AE9vXwOlMTsvm1mr2C6rpFiektM4FBkc2FkG03ZmFoMWUD6oPxblskrJNkoXKu3595PqGzLJxSjhu3GDnhsasQ==
X-Received: by 10.129.82.206 with SMTP id g197mr18109232ywb.208.1473259589675; Wed, 07 Sep 2016 07:46:29 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.37.24.86 with HTTP; Wed, 7 Sep 2016 07:46:29 -0700 (PDT)
In-Reply-To: <4FC46B8D-F3D7-47E4-B273-DAA826CD8ECA@netapp.com>
References: <147258068347.23741.13088390380927638223.idtracker@ietfa.amsl.com> <E1A2928C-852C-4C10-8122-E9463A228B24@netapp.com> <4B962427-36EE-42A0-81FF-8F193F5985A0@nostrum.com> <CAKKJt-fFkSe_+ws9JfsDfirZBZJqRaX17yOA7GJoC5QKsQMCxw@mail.gmail.com> <4FC46B8D-F3D7-47E4-B273-DAA826CD8ECA@netapp.com>
From: Spencer Dawkins at IETF <spencerdawkins.ietf@gmail.com>
Date: Wed, 07 Sep 2016 09:46:29 -0500
Message-ID: <CAKKJt-eeiWaZijo-XeoyDQE2opxV3DyVQ=SPrwvCFvKjbNaDJA@mail.gmail.com>
To: "Adamson, Andy" <William.Adamson@netapp.com>
Content-Type: multipart/alternative; boundary="001a114d70da81323c053bebfae5"
Archived-At: <https://mailarchive.ietf.org/arch/msg/nfsv4/TvDaItKCM34eELIs_7cHWOQaQtw>
Cc: Ben Campbell <ben@nostrum.com>, "draft-ietf-nfsv4-multi-domain-fs-reqs@ietf.org" <draft-ietf-nfsv4-multi-domain-fs-reqs@ietf.org>, "nfsv4-chairs@ietf.org" <nfsv4-chairs@ietf.org>, "nfsv4@ietf.org" <nfsv4@ietf.org>
Subject: Re: [nfsv4] Ben Campbell's No Objection on draft-ietf-nfsv4-multi-domain-fs-reqs-10: (with COMMENT)
X-BeenThere: nfsv4@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: NFSv4 Working Group <nfsv4.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/nfsv4/>
List-Post: <mailto:nfsv4@ietf.org>
List-Help: <mailto:nfsv4-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nfsv4>, <mailto:nfsv4-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Sep 2016 14:46:33 -0000
Dear All, On Fri, Sep 2, 2016 at 1:34 PM, Adamson, Andy <William.Adamson@netapp.com> wrote: > > > On Sep 2, 2016, at 1:45 PM, Spencer Dawkins at IETF < > spencerdawkins.ietf@gmail.com> wrote: > > > > Hi, Andy, > > > > This draft was approved on the telechat yesterday, but I still had two > questions from Ben's comments after looking at the diffs for 09-11 (below). > The other responses seem to be handled. > > Hi Spencer > > OK - good to hear. See below. > > > > > > Please let me know what you think. > > > > On Tue, Aug 30, 2016 at 3:14 PM, Ben Campbell <ben@nostrum.com> wrote: > > On 30 Aug 2016, at 13:28, Adamson, Andy wrote: > > > > On Aug 30, 2016, at 2:11 PM, Ben Campbell <ben@nostrum.com> wrote: > > > > Ben Campbell has entered the following ballot position for > > draft-ietf-nfsv4-multi-domain-fs-reqs-10: No Objection > > > > When responding, please keep the subject line intact and reply to all > > email addresses included in the To and CC lines. (Feel free to cut this > > introductory paragraph, however.) > > > > > > Please refer to https://www.ietf.org/iesg/statement/discuss-criteria. > html > > for more information about IESG DISCUSS and COMMENT positions. > > > > > > The document, along with other ballot positions, can be found here: > > https://datatracker.ietf.org/doc/draft-ietf-nfsv4-multi-domain-fs-reqs/ > > > > > > > > ---------------------------------------------------------------------- > > COMMENT: > > ---------------------------------------------------------------------- > > > > I am a little bit confused about the purpose of this draft. > > My confusion > > is probably related to Brian's Gen-ART comments. > > > > OK - did you read the response? I case you have not, here is portion of > the response that addresses the SP vrs BCP concern. > > > > ————— > > This latest round of comments - including the SecDir review from Russ > Housley shows that there is still an impedence mis-match between the > title/abstract and the intended status of Standards Track versus an > Informational draft or best practices. > > > > I feel that the use of "Guidelines" in the title, and "guidance" in the > abstract point to an Informational draft rather than a Standards track. > > > > This draft is a Proposed Standard (not an Informational or BCP) because > the MUST and REQUIRED noted in section 6 of the doc are absolute > requirements for an NFSv4 multi-domain file name space to work. These can > not be BCP as an NFSv4 multi-domain file name space will _not_ work without > these requirements. > > > > I have completed a draft-ietf-nfsv4-multi-domain-fs-reqs-10 with the > following changes: > > > > 1) The title to be changed from > > > > "Multiple NFSv4 Domain Namespace Deployment Guidelines" > > > > to > > > > "Multiple NFSv4 Domain Namespace Deployment Requirements" > > > > > > 2) The first sentence in the abstract (and in the introduction) to be > changed from > > > > This document provides guidance on the deployment of the NFSv4 > > protocols for the construction of an NFSv4 file name space in > > environments with multiple NFSv4 Domains. > > > > to > > This document presents requirements on the deployment of the NFSv4 > > protocols for the construction of an NFSv4 file name space in > > environments with multiple NFSv4 Domains. > > > > ————— > > > > to which Brian responded: > > > > > > On Aug 29, 2016, at 7:23 PM, Brian E Carpenter < > brian.e.carpenter@gmail.com> wrote: > > > > Hi, > > > > Thanks for version -10. I appreciate the clarification to the title etc. > > > > (All the same, a BCP is just as mandatory as a Draft Standard. But it's > > a judgment call, of course.) > > > > Regards > > Brian Carpenter > > > > I read that, but it didn't answer my question about _what_ the > requirements applied to. But you address it below... > > > > > > > > Specifically, who/what do the normative requirements in section 6 apply > > to. Are these implementation requirements or deployment requirements? > > > > They are deployment requirements - which I feel is very clear. > > > > To put a finer point on it, do you think an implementer can write the > code for a multi-domain nfsv4 service without reading this document? For > example, are the identifier mapping requirements strictly deployment issues > without impact on the code? > > > > I am also curious about this … > > The identifier mapping requirements of preserving the domain portion of > the name@domain and/or the REALM portion of the Kerberos principal@REALM > could impose some extra coding requirements on what is stored in a name > service and the query calls to the nameservice. > > For example, the Linux ns_switch getpwnam, getpwuid which are commonly > used for name<=>ID mapping do not utilize an @domain or an @REALM portion > of a name (either as input nor as output). Just to follow up, I wasn't sure what Andy was saying here, so I had a private conversation with Andy, where he said The coding requirements to map domain portion of the name@domain and/or the REALM portion of the Kerberos principal@REALM exist in RFC7530 and RFC5661, so there are no new coding requirements and so no Updates header. So, no Updates header is needed. Thanks, Spencer > Back in 2007 I wrote the Linux idmapd daemon translation service which > included the nsswitch translation method, and the umich_ldap translation > method (I worked for CITI at the University of Michigan at the time). The > umich_ldap translation method was written to handle the @domain and @REALM > portion of names for name to ID mapping. It included adding schema to LDAP > (NFS4Name, GSSAuthName) and coding the associated LDAP queries for mapping > between NFSv4Name or GSSAuthName and the UID. > > http://www.citi.umich.edu/projects/nfsv4/crossrealm/ > libnfsidmap_config.html > > It still exists - if you are curious, see the attached /etc/idmapd.conf > >
- [nfsv4] Ben Campbell's No Objection on draft-ietf… Ben Campbell
- Re: [nfsv4] Ben Campbell's No Objection on draft-… Adamson, Andy
- [nfsv4] Ben Campbell's No Objection on draft-ietf… Ben Campbell
- Re: [nfsv4] Ben Campbell's No Objection on draft-… Ben Campbell
- Re: [nfsv4] Ben Campbell's No Objection on draft-… Spencer Dawkins at IETF
- Re: [nfsv4] Ben Campbell's No Objection on draft-… Adamson, Andy
- Re: [nfsv4] Ben Campbell's No Objection on draft-… Spencer Dawkins at IETF
- Re: [nfsv4] Ben Campbell's No Objection on draft-… Spencer Dawkins at IETF